package com.mworld.galaxy.base.shiro.web.filter.authc;

import org.apache.shiro.authc.AuthenticationToken;

import com.mworld.galaxy.base.shiro.authc.UsernamePasswordRolesToken;

/**
 * 用户登录时，先要检查是否属于指定的角色，若不属于则不予登录。
 * 为设置此角色，重载shiro的登录filter。
 * 
 * @author leo
 */
public class FormAuthenticationFilter extends org.apache.shiro.web.filter.authc.FormAuthenticationFilter {
	private String requiredRoles;

	@Override
    protected AuthenticationToken createToken(String username, String password,
            boolean rememberMe, String host) {
    	return new UsernamePasswordRolesToken(username, password, rememberMe, host, getRequiredRoles());
	}

	public String getRequiredRoles() {
		return requiredRoles;
	}

	public void setRequiredRoles(String requiredRoles) {
		this.requiredRoles = requiredRoles;
	}

}
